From: Joseph Block <jpb@gate.net>
To: cypherpunks@toad.com (cypherpunks mailing list)
Message Hash: ac99d7686545a01d3f3e70166ad06525abdbc2a94e591cec9d03b1abd7e0b37a
Message ID: <199407041451.KAA56206@inca.gate.net>
Reply To: N/A
UTC Datetime: 1994-07-04 14:48:05 UTC
Raw Date: Mon, 4 Jul 94 07:48:05 PDT
From: Joseph Block <jpb@gate.net>
Date: Mon, 4 Jul 94 07:48:05 PDT
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Pass Phrases
Message-ID: <199407041451.KAA56206@inca.gate.net>
MIME-Version: 1.0
Content-Type: text
Maybe I'm just being a little dense about this.
If I am the only person who knows what pair of texts I'm using and what
permutation algorithm, and what the random number I'm going to salt the
pass phrase with, and where I'm going to put the random digits, how is it
insecure?
Say I use the following two key phrases
The Quick Brown Fox Jumps Over The Lazy Dog
Oh Be A Fine Girl Kiss Me
I decide my method is going to be first letter of each word of the first
phrase, last letter of each word of the second phrase
I get
THQEBAFLJSOMTHLEDA
I then throw in 1701 as follows
1701THQ1EBA7FLJ0SOM1THL1EDA7
Without knowing the phrases, method, or number, what makes this insecure?
I'm not deliberately trying to be dense, I'd like to know why I shouldn't use
this sort of mnemonic method to remember the pass phrase.
jpb@gate.net
Return to July 1994
Return to “tcmay@netcom.com (Timothy C. May)”